# Core concepts


Docker Hardened Images (DHIs) are built on a foundation of secure software
supply chain practices. This section explains the core concepts behind that
foundation, from signed attestations and immutable digests to standards like SLSA
and VEX.

Start here if you want to understand how Docker Hardened Images support compliance,
transparency, and security.


## Security metadata and attestations



## Compliance standards



## Vulnerability and risk management



## Image structure and behavior



## Verification and traceability